History log of /system/keymaster/serializable.cpp
Revision Date Author Comments
f38a002624126ca837865826f948edc9100d6e8a 26-Apr-2017 Janis Danisevskis <jdanis@google.com> Make keymaster more self contained

Keymaster uses UniquePtr, a reimplementation of std::unique_ptr offered
by the Android framework. As keymaster becomes part of the treblized
HAL, it must build with the vndk. As such it must not use framework
headers. An attempt to replace UniquePtr with std::unique_ptr, which
is available in the vndk, failed because keymaster, i.e., parts thereof,
must also build and run in the Trusty environment which does not have
a full C++ STL.

This patch makes keymaster more self contained. To that end the
following was done by this patch.

* Install a copy of UniquePtr.h in include/keymaster.
* Add a tiny subset of STL symbols to keymaster.
* Reorganize linking units and
* build parts of keymaster with stl: "none".

libkeymaster1 was split into libkeymaster_portable and libkeymaster.
The former comprises all compilation units that are included
in the keymaster TA (trusted app) and must run on Trusty.
This library is built with the option stl: "none" to raise
compilation errors as soon as someone tries to use STL features.
A tiny subset of STL symbols, which are also available in Trusty,
is weakly defined in keymaster_stl.cpp.
The latter library comprises some other functionality that is
used by the softkeymasterdevice on Android and may use the STL.

Bug: 37467707
Test: keymaster vts tests and keystore cts test
Change-Id: I884336e1a2d2c6402a2c7deb27010fd88b907b6b
/system/keymaster/serializable.cpp
cf3763f666d2236159a22b496b6ede55878aa100 03-May-2017 Janis Danisevskis <jdanis@google.com> Revert "Make keymaster more self contained"

This reverts commit dcd67c1dd0a457feec619974b3d7d077903012a8.

Reason for revert: build breakage

Change-Id: Id7a1b29d82f69ab21e7c461dbabc4e1466870359
/system/keymaster/serializable.cpp
dcd67c1dd0a457feec619974b3d7d077903012a8 26-Apr-2017 Janis Danisevskis <jdanis@google.com> Make keymaster more self contained

Keymaster uses UniquePtr, a reimplementation of std::unique_ptr offered
by the Android framework. As keymaster becomes part of the treblized
HAL, it must build with the vndk. As such it must not use framework
headers. An attempt to replace UniquePtr with std::unique_ptr, which
is available in the vndk, failed because keymaster, i.e., parts thereof,
must also build and run in the Trusty environment which does not have
a full C++ STL.

This patch makes keymaster more self contained. To that end the
following was done by this patch.

* Install a copy of UniquePtr.h in include/keymaster.
* Add a tiny subset of STL symbols to keymaster.
* Reorganize linking units and
* build parts of keymaster with stl: "none".

libkeymaster1 was split into libkeymaster_portable and libkeymaster.
The former comprises all compilation units that are included
in the keymaster TA (trusted app) and must run on Trusty.
This library is built with the option stl: "none" to raise
compilation errors as soon as someone tries to use STL features.
A tiny subset of STL symbols, which are also available in Trusty,
is weakly defined in keymaster_stl.cpp.
The latter library comprises some other functionality that is
used by the softkeymasterdevice on Android and may use the STL.

Test: keymaster vts tests and keystore cts test
Change-Id: Iba03b45cc3d20854c577160f90fe24bfa7857986
/system/keymaster/serializable.cpp
637dd8429285bfdc0b89622476ea94d782b1eb14 31-Mar-2016 Sami Tolvanen <samitolvanen@google.com> keymaster: fix pointer overflow checks

Compiler can optimize away pointer overflow checks. Cast pointers
to uintptr_t to make sure this doesn't happen.

Bug: 27774248
Change-Id: Ib1d054ea5586cf110ae6cbbcd8ca1cd9e157c170
/system/keymaster/serializable.cpp
0f906ec40f6ade7955c6b967ea522aade54ea2e4 20-Jun-2015 Shawn Willden <swillden@google.com> Add buffer wrap checks and disable throwing of std::bad_alloc.

Android is built with exceptions disabled, but "operator new" and
"operator new[]" still throw std::bad_alloc on failure rather than
returning new. In general this is a good thing, because it will cause
an immediate crash of the process rather than assigning a null pointer
which is probably not checked. But most memory allocations in Keymaster
are checked, because it's written to run in an environment where new
does *not* throw. This CL updates the code to explicitly use the
non-throwing new.

A handful of throwing news remain, but only in places where a crash on
failure is appropriate.

In addition, this CL also inserts buffer wrap checks in key locations
and changes the development-machine Makefile to build in 32-bit mode, to
make memory problems more apparent.

Bug: 21888473
Change-Id: I8ebc5ec12053e4f5274f6f57ce312abc10611cef
/system/keymaster/serializable.cpp
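The two commits above (the buffer wrap checks with non-throwing `new` from 20-Jun-2015, and the `uintptr_t` cast from 31-Mar-2016) describe one pattern: a bounds check written as pointer arithmetic (`pos + len < pos`) relies on undefined behaviour, so the compiler may delete it; doing the comparison on `uintptr_t` keeps it. The following is an added, self-contained illustration of that pattern, not keymaster's own code: the helper names (`fits_in_buffer`, `copy_length_prefixed`), the 4-byte length-prefixed record format and the sample bytes are all assumed for the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <new>

// Hypothetical helper (not keymaster's): returns true if [pos, pos + len) lies
// within [pos, end] without wrapping around the address space.
// The check is done on uintptr_t. The pointer form `pos + len < pos` is undefined
// behaviour once the sum leaves the object, so an optimizer is allowed to assume
// it is always false and drop the test; unsigned integer wrap-around is defined.
inline bool fits_in_buffer(const uint8_t* pos, const uint8_t* end, size_t len) {
    uintptr_t start = reinterpret_cast<uintptr_t>(pos);
    uintptr_t stop = reinterpret_cast<uintptr_t>(end);
    if (start > stop) return false;          // malformed bounds
    if (start + len < start) return false;   // unsigned wrap-around detected
    return start + len <= stop;              // payload ends inside the buffer
}

// Hypothetical deserialization step: read a 4-byte length prefix (host byte
// order) followed by that many payload bytes. Returns a copy of the payload, or
// nullptr on any failure, and advances *pos only on success. Memory comes from
// the non-throwing new so the caller sees nullptr instead of a std::bad_alloc
// that cannot be caught where exceptions are disabled.
uint8_t* copy_length_prefixed(const uint8_t** pos, const uint8_t* end,
                              uint32_t* out_len) {
    const uint8_t* p = *pos;
    if (!fits_in_buffer(p, end, sizeof(uint32_t))) return nullptr;
    uint32_t len;
    memcpy(&len, p, sizeof(len));
    p += sizeof(len);
    // Reject before allocating or copying if the declared length overruns the
    // buffer. On a 32-bit build a length near 0xFFFFFFFF wraps the sum and is
    // caught by the wrap test; on 64-bit it is caught by the end comparison.
    if (!fits_in_buffer(p, end, len)) return nullptr;
    uint8_t* out = new (std::nothrow) uint8_t[len ? len : 1];
    if (out == nullptr) return nullptr;
    memcpy(out, p, len);
    *pos = p + len;
    *out_len = len;
    return out;
}

// Constructed sample: a well-formed record declaring 3 payload bytes
// (little-endian host assumed for the prefix).
bool demo_good_record() {
    const uint8_t buf[] = {0x03, 0x00, 0x00, 0x00, 'a', 'b', 'c'};
    const uint8_t* pos = buf;
    uint32_t len = 0;
    uint8_t* payload = copy_length_prefixed(&pos, buf + sizeof(buf), &len);
    bool ok = payload != nullptr && len == 3 &&
              memcmp(payload, "abc", 3) == 0 && pos == buf + sizeof(buf);
    delete[] payload;
    return ok;
}

// Constructed sample: the same bytes with a length prefix of 0xFFFFFFFF, the
// kind of input a deserialization fuzzer produces; it must be rejected with the
// cursor left untouched.
bool demo_overlong_record() {
    const uint8_t buf[] = {0xFF, 0xFF, 0xFF, 0xFF, 'a', 'b', 'c'};
    const uint8_t* pos = buf;
    uint32_t len = 0;
    uint8_t* payload = copy_length_prefixed(&pos, buf + sizeof(buf), &len);
    bool rejected = payload == nullptr && pos == buf;
    delete[] payload;  // no-op on nullptr
    return rejected;
}

int main() {
    printf("good record accepted: %s\n", demo_good_record() ? "yes" : "no");
    printf("overlong record rejected: %s\n", demo_overlong_record() ? "yes" : "no");
    return 0;
}
```

Building the example with `-m32` as well as 64-bit, as the 20-Jun-2015 commit does for the dev Makefile, exercises both rejection paths in `fits_in_buffer`: the wrap-around branch on 32-bit and the end-of-buffer branch on 64-bit.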
b6837e7a62a1192e33beef586282812239ee8b28 16-May-2015 Shawn Willden <swillden@google.com> Remove references to Google in Android keymaster reference implementation.

Change-Id: I05de61353fc806b90232fab7c1d1cf76aefa35fc
/system/keymaster/serializable.cpp
1834d5f82a7ad5884c184fd22c702ac9d915af45 08-Dec-2014 Shawn Willden <swillden@google.com> Remove redundant NULL checks on calls to memset_s.

This change was already reviewed, merged and reverted, so I'm skipping
the review step this time.

Change-Id: I6f7ecb71fc03b9a821c81e1bc0f54952225d9da8
/system/keymaster/serializable.cpp
2dbe752a441cf8487b9b81772271e5abd18d0475 20-Jan-2015 Shawn Willden <swillden@google.com> Revert "Remove redundant NULL checks on calls to memset_s."

This reverts commit 356f6d4cf3d236e375a84e24b11359a5c1f1081f.
/system/keymaster/serializable.cpp
356f6d4cf3d236e375a84e24b11359a5c1f1081f 08-Dec-2014 Shawn Willden <swillden@google.com> Remove redundant NULL checks on calls to memset_s.

Change-Id: I04ef8e2bc640a1a6ef7fe32b37b4d84313ae20af
/system/keymaster/serializable.cpp
98d9b92547a9a7553b99e3e941a4175926f95b62 26-Aug-2014 Shawn Willden <swillden@google.com> Reorganize system/keymaster.

This CL moves the includes that should be exported to include/ and
removes the trusty-specific code (some of which is moving to
hardware/google and some of which is moving to the trusty tree.)

Change-Id: Ie4fabf6b5c5f36b50c2f5ff356548ca2e9140fcb
/system/keymaster/serializable.cpp
f2282b3c6690ccfaa7878886f01693ef4f0b3bed 25-Aug-2014 Shawn Willden <swillden@google.com> Add some "fuzzing" tests for deserialization, and fixes for all of the
problems discovered.

Change-Id: I050344f6c6d0a19b7f3304d23729b4ca71c05042
/system/keymaster/serializable.cpp
172f8c9be706e27f43022063bbc7f4b0177583ac 17-Aug-2014 Shawn Willden <swillden@google.com> Housekeeping CL.

Make variable names and formatting more consistent. Also, add doxygen comments to Serializable.

Change-Id: I24ff138611111acf96112be74a04cc35f04908e0
/system/keymaster/serializable.cpp
8d336ae10df66da4c0433f17c2d42e85baea32c5 09-Aug-2014 Shawn Willden <swillden@google.com> Change authorization set serialization approach to ensure that 32 vs 64
bit size and alignment differences don't cause problems.

Change-Id: I4a308cfac782161db2f1456adb2d6a56537e61f1
/system/keymaster/serializable.cpp
58e1a5486219a1be9264d4e863a9dd3e393906c3 09-Aug-2014 Shawn Willden <swillden@google.com> Eliminate in-place serialization.

Not doing in-place serialization will result in greater heap
consumption, but eliminates many alignment-related issues. Given more
time, I'd prefer to solve the alignment issues by computing and
inserting appropriate padding, but we don't have the time.

Change-Id: I86e4bdf57263db26c73372ae2963f21c5f5f00aa
/system/keymaster/serializable.cpp
5ada7b6c525d2bfd5b556a698ccb11db23e052bb 29-Jul-2014 Shawn Willden <swillden@google.com> Add AuthorizationSet class and some supporting utils and a Makefile for
running tests on the dev machine.

Change-Id: I608e660854ace71409dd8bb5395d83dcfbf803c0
/system/keymaster/serializable.cpp